Data Security

Abstract

Corporates, industries, and governments have completely digitized their infrastructure, processes, and data or running towards completed digitalization. This data could be text files, different types of databases, accounts, and networks. The data living in the digital format needs to be preserved and also protected from unauthorized access. If this data remains open for access, any unauthorized user can destroy, encrypt, or corrupt the data, making the data unusable. There are implications of data security threats such as data breaches and data spills, beyond cost and can spell doom for the business. Hence the data needs to be protected from such threats. Data security is a mechanism through which data is protected and prevented from loss due to unauthorized access. It is a mix of practices and processes to ensure data remains protected from unauthorized use and readily accessible for authorized use. Data Security is essential for achieving data privacy in general. To define appropriate security measures, we must define the difference between a data breach and a data leak. Data security mechanisms could be data-centric such as identity and access management, encryption and tokenization, and backup and recovery. A defined data governance and compliance can also ensure data security. This chapter will explain why there is a need for data security, methods and processes to achieve data security, and touch upon some of the data security laws and regulations. We will also see a case study on how hackers exploited a vulnerability to mount a data security attack worldwide and how data security mechanisms could have prevented it.